Our organization sends employees to some dangerous areas, and we're considering the use of RFID microchip implants...
to track their whereabouts and help ensure their safety. From an information security perspective, what are the benefits and potential threats associated with microchip implants or RFID tags on employees?
This sounds like a misconception about the current state of RFID implant technology. The implants can certainly be used to identify a human and potentially to unlock a medical record, for example. But I'm not aware of RFID implants that have GPS tracking capabilities, so it's not clear that this approach would meet such requirements -- unless these "dangerous areas" have RFID readers every 30 feet or so.
But that's just the tip of the iceberg. The privacy ramifications of implanting anything into an employee are quite serious. The employee may voluntarily agree to this tactic, since he or she believes it may increase safety, but it introduces serious data security risks.
For example, if the RFID database is hacked, all of the information about that employee is subject to compromise. If medical records or perhaps location information (in the event that technology emerges) are linked to the tag, there is substantial risk to not only the enterprise, but also to the individuals.
I'm afraid this is a slippery slope and I'm not sure I can recommend an aggressive employee-tracking approach like this in good conscience.
Dig Deeper on Biometric technology
Related Q&A from Mike Rothman
Pirated software is still a major concern nowadays. Uncover how to prevent software piracy and protect your organization's intellectual property. Continue Reading
While liaison officer responsibilities vary depending on the company they work for, their strong organizational and communications skills make them ... Continue Reading
The CISSP certification can be a challenge to obtain. Mike Rothman unveils how to get on the right education and career tracks in order to get CISSP ... Continue Reading